Trampling GDPR and elections
Originally published: newspaper “Kathimerini” – Readers’ letters (in Greek)
Date: 31/05/2019
Aimilios Koronaios
Attorney at Law
LL.M. (Aberdeen), LL.M. (Athens)
Mr. Director,
A few days ago (May 25th), a year passed by since the commencement of application of the General Data Protection Regulation, also known as the GDPR, both in Greece and in the European Union. GDPR is an EU law, which aims to significantly expand the protection of personal data, as already enshrined in our country, in particular by Law no. 2472/1997 and Law no. 3471/2006.
In this context, very recently (March 2019) the Greek Data Protection Authority issued updated guidelines for the lawful processing of personal data for the purpose of political communication. These, inter alia, emphasize that political communication via short message services (SMS) requires in principle the prior consent of the recipient.
Nevertheless, during the recent election period I received more than 50 short message services (SMS) relating to political communication from more than 30 candidates, despite the fact that:
a) I do not know them personally; the vast majority of them I’ve never even heard of;
b) I never gave them my phone number.
c) I never consented to such communication. To this day, I do not even know how my personal data was made available to them.
This is an unprecedented breach of personal data protection, which gives rise to great sadness. Especially when its “perpetrators” are people who preach that they can set things straight both within and outside the country’s borders.